Vulnerabilities in Git that allow overwriting files or executing your own code

Corrective releases of Git 2.40.1, 2.39.3, 2.38.5, 2.37.7, 2.36.6, 2.35.8, 2.34.8, 2.33.8, 2.32.7, 2.31.8 and 2.30.9 have been published, fixing five vulnerabilities. You can follow the release of package updates in distributions on the pages for Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch and FreeBSD. As a workaround to protect against the vulnerabilities, it is recommended to avoid running "git apply --reject" when working with unverified external patches, and to check the contents of $GIT_DIR/config before running "git submodule deinit", "git config --rename-section" and "git config --remove-section" when dealing with untrusted repositories.

The vulnerability CVE-2023-29007 allows settings to be substituted into the $GIT_DIR/config configuration file, which can be used to execute code on the system by specifying paths to executable files in the core.pager, core.editor and core.sshCommand directives. The vulnerability is caused by a logic error due to which very long configuration values can be treated as the beginning of a new section when a section is renamed or removed from a configuration file. In practice, substitution of exploit values can be achieved by specifying very long submodule URLs, which are stored in the $GIT_DIR/config file during initialization. These URLs can be interpreted as new settings when an attempt is made to remove them with "git submodule deinit".
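The check of $GIT_DIR/config recommended above can be scripted before running "git submodule deinit" or the "git config" section commands on an untrusted repository. The following is an added example, not code from the Git project or from the original article; the function name `audit_config` and the 1000-byte line threshold are assumptions made here.

```python
import re
import sys

# Assumption: the article only says "very long"; 1000 bytes is a threshold
# chosen here, far above any line a normal repository config contains.
MAX_LINE_BYTES = 1000
# Settings the article names as code-execution vectors in $GIT_DIR/config.
EXEC_KEYS = {"core.pager", "core.editor", "core.sshcommand"}

SECTION_RE = re.compile(r'^\s*\[([A-Za-z0-9.-]+)(\s+"(?:[^"\\]|\\.)*")?\s*\]')
KEY_RE = re.compile(r'^\s*([A-Za-z][A-Za-z0-9-]*)\s*(?:=|[#;]|$)')


def audit_config(text, max_bytes=MAX_LINE_BYTES):
    """Return (line_number, reason) findings for the text of a Git config file."""
    findings = []
    section = ""
    for number, line in enumerate(text.split("\n"), 1):
        size = len(line.encode("utf-8"))
        if size >= max_bytes:
            findings.append((number, f"overlong line ({size} bytes)"))
        header = SECTION_RE.match(line)
        if header:
            # Only a plain [core] header can yield core.<key>; subsections cannot.
            section = "" if header.group(2) else header.group(1).lower()
            line = line[header.end():]  # a key may follow the header on one line
        key = KEY_RE.match(line)
        if key and f"{section}.{key.group(1).lower()}" in EXEC_KEYS:
            findings.append((number, f"sets {section}.{key.group(1)}"))
    return findings


if __name__ == "__main__":
    # Usage: python audit_git_config.py [path]  (defaults to .git/config)
    path = sys.argv[1] if len(sys.argv) > 1 else ".git/config"
    with open(path, encoding="utf-8", errors="replace") as handle:
        results = audit_config(handle.read())
    for number, reason in results:
        print(f"{path}:{number}: {reason}")
    sys.exit(1 if results else 0)
```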

The vulnerability CVE-2023-25652 allows the contents of files outside the working tree to be overwritten when specially crafted patches are processed by the "git apply --reject" command. If you try to apply a malicious patch with the "git apply" command that attempts to write to a file through a symbolic link, the operation will be rejected. In Git 2.39.1, the protection against symlink manipulation was extended to block patches that create symbolic links and attempt to write through them. The essence of the vulnerability in question is that Git did not take into account that the user can run the "git apply --reject" command to write the rejected parts of the patch as files with the ".rej" extension, and an attacker can use this opportunity to write the contents to an arbitrary directory, as far as the current permissions allow.

In addition, three vulnerabilities that appear only on the Windows platform were fixed: CVE-2023-29012 (the doskey.exe executable is searched for in the repository's working directory when the "Git CMD" command is run, which makes it possible to arrange execution of your own code on the user's system), CVE-2023-25815 (a buffer overflow when processing custom localization files in gettext) and CVE-2023-29011 (the possibility of substituting the connect.exe file when working through SOCKS5).

Source: OpenNet.ru
